Show filters
610 Total Results
Displaying 141-150 of 610
Sort by:
Attacker Value
Unknown
CVE-2024-0570
Disclosure Date: January 16, 2024 (last updated January 24, 2024)
A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component. VDB-250786 is the identifier assigned to this vulnerability.
0
Attacker Value
Unknown
CVE-2024-0569
Disclosure Date: January 16, 2024 (last updated January 25, 2024)
A vulnerability classified as problematic has been found in Totolink T8 4.1.5cu.833_20220905. This affects the function getSysStatusCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument ssid/key leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.5cu.862_B20230228 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-250785 was assigned to this vulnerability.
0
Attacker Value
Unknown
CVE-2023-52026
Disclosure Date: January 12, 2024 (last updated January 19, 2024)
TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface
0
Attacker Value
Unknown
CVE-2024-23061
Disclosure Date: January 11, 2024 (last updated January 19, 2024)
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function.
0
Attacker Value
Unknown
CVE-2024-23060
Disclosure Date: January 11, 2024 (last updated January 19, 2024)
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.
0
Attacker Value
Unknown
CVE-2024-23059
Disclosure Date: January 11, 2024 (last updated January 19, 2024)
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.
0
Attacker Value
Unknown
CVE-2024-23058
Disclosure Date: January 11, 2024 (last updated January 19, 2024)
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pass parameter in the setTr069Cfg function.
0
Attacker Value
Unknown
CVE-2024-23057
Disclosure Date: January 11, 2024 (last updated January 19, 2024)
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the tz parameter in the setNtpCfg function.
0
Attacker Value
Unknown
CVE-2024-22942
Disclosure Date: January 11, 2024 (last updated January 19, 2024)
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.
0
Attacker Value
Unknown
CVE-2023-52032
Disclosure Date: January 11, 2024 (last updated January 18, 2024)
TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) vulnerability via the "main" function.
0
